Individuals and organizations often seek to improve the security of their computing systems. One method of improving computer security involves adding software and files to a whitelist. Whitelists generally identify sets of trusted files. In one example, a computing system may achieve increased security by executing only whitelisted software packages. Whitelisting may be used in other ways as well. For example, a computer security system may gain certain efficiencies by forgoing security scans on whitelisted files since such files are already known to be trusted.
While whitelisting can be a powerful tool for improving system efficiency and/or preventing malicious files from harming a system, the ever-increasing quantity and/or complexity of software may make the process of creating and/or maintaining whitelists problematic and/or unwieldy. For example, some whitelisted software packages may call for updates that involve downloading additional and/or replacement files from the Internet. Unfortunately, because these additional and/or replacement files are not necessarily whitelisted, such files may trigger certain security events and/or alerts that interfere with the software's functionality. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems for whitelisting file clusters in connection with trusted software packages.